@intranefr/superbackend 1.4.4 → 1.5.0

package/src/services/scriptsRunner.service.js

@@ -0,0 +1,259 @@
+const { EventEmitter } = require('events');
+const { spawn } = require('child_process');
+const { NodeVM } = require('vm2');
+
+const ScriptRun = require('../models/ScriptRun');
+
+const MAX_TAIL_BYTES = 64 * 1024;
+
+function nowIso() {
+  return new Date().toISOString();
+}
+
+function appendTail(prev, chunk) {
+  const next = String(prev || '') + String(chunk || '');
+  const buf = Buffer.from(next, 'utf8');
+  if (buf.length <= MAX_TAIL_BYTES) return next;
+  return buf.slice(buf.length - MAX_TAIL_BYTES).toString('utf8');
+}
+
+function safeJsonParse(str) {
+  try {
+    return JSON.parse(String(str || ''));
+  } catch {
+    return null;
+  }
+}
+
+function buildEnvPairs(env) {
+  const pairs = Array.isArray(env) ? env : [];
+  const out = {};
+  for (const item of pairs) {
+    if (!item || typeof item !== 'object') continue;
+    const key = String(item.key || '').trim();
+    if (!key) continue;
+    const value = String(item.value || '');
+    out[key] = value;
+  }
+  return out;
+}
+
+class RunBus {
+  constructor(runId) {
+    this.runId = String(runId);
+    this.emitter = new EventEmitter();
+    this.seq = 0;
+    this.buffer = [];
+    this.closed = false;
+  }
+
+  push(event) {
+    if (this.closed) return;
+    this.seq += 1;
+    const payload = { seq: this.seq, ...event };
+    this.buffer.push(payload);
+    if (this.buffer.length > 2000) this.buffer.shift();
+    this.emitter.emit('event', payload);
+  }
+
+  close() {
+    this.closed = true;
+    this.emitter.emit('close');
+  }
+
+  snapshot(sinceSeq) {
+    const since = Number(sinceSeq || 0);
+    return this.buffer.filter((e) => Number(e.seq) > since);
+  }
+}
+
+const runs = new Map();
+
+function getRunBus(runId) {
+  return runs.get(String(runId)) || null;
+}
+
+async function startRun(scriptDef, options) {
+  const trigger = options?.trigger || 'manual';
+  const meta = options?.meta || null;
+
+  const runDoc = await ScriptRun.create({
+    scriptId: scriptDef._id,
+    status: 'queued',
+    trigger,
+    startedAt: null,
+    finishedAt: null,
+    exitCode: null,
+    outputTail: '',
+    meta,
+  });
+
+  const bus = new RunBus(runDoc._id);
+  runs.set(String(runDoc._id), bus);
+
+  setImmediate(async () => {
+    try {
+      await ScriptRun.updateOne(
+        { _id: runDoc._id },
+        { $set: { status: 'running', startedAt: new Date() } },
+      );
+
+      bus.push({ type: 'status', ts: nowIso(), status: 'running' });
+
+      const timeoutMs = Number(scriptDef.timeoutMs || 0) || 5 * 60 * 1000;
+      const env = { ...process.env, ...buildEnvPairs(scriptDef.env) };
+      const cwd = String(scriptDef.defaultWorkingDirectory || '').trim() || undefined;
+
+      let exitCode = 0;
+
+      if (scriptDef.type === 'bash') {
+        if (scriptDef.runner !== 'host') {
+          throw Object.assign(new Error('bash scripts only support host runner'), { code: 'VALIDATION' });
+        }
+        exitCode = await runSpawned({
+          runId: runDoc._id,
+          bus,
+          command: 'bash',
+          args: ['-lc', scriptDef.script],
+          env,
+          cwd,
+          timeoutMs,
+        });
+      } else if (scriptDef.type === 'node') {
+        if (scriptDef.runner === 'vm2') {
+          exitCode = await runVm2({ runId: runDoc._id, bus, code: scriptDef.script, timeoutMs });
+        } else if (scriptDef.runner === 'host') {
+          exitCode = await runSpawned({
+            runId: runDoc._id,
+            bus,
+            command: 'node',
+            args: ['-e', scriptDef.script],
+            env,
+            cwd,
+            timeoutMs,
+          });
+        } else {
+          throw Object.assign(new Error('Invalid runner for node script'), { code: 'VALIDATION' });
+        }
+      } else if (scriptDef.type === 'browser') {
+        throw Object.assign(new Error('browser scripts run in the UI only'), { code: 'VALIDATION' });
+      } else {
+        throw Object.assign(new Error('Unsupported script type'), { code: 'VALIDATION' });
+      }
+
+      const finalStatus = exitCode === 0 ? 'succeeded' : 'failed';
+      await ScriptRun.updateOne(
+        { _id: runDoc._id },
+        { $set: { status: finalStatus, finishedAt: new Date(), exitCode } },
+      );
+
+      bus.push({ type: 'status', ts: nowIso(), status: finalStatus, exitCode });
+      bus.push({ type: 'done', ts: nowIso(), status: finalStatus, exitCode });
+      bus.close();
+
+      setTimeout(() => {
+        runs.delete(String(runDoc._id));
+      }, 5 * 60 * 1000).unref();
+    } catch (err) {
+      const msg = err?.message || 'Run failed';
+      await ScriptRun.updateOne(
+        { _id: runDoc._id },
+        { $set: { status: 'failed', finishedAt: new Date(), exitCode: 1 }, $setOnInsert: {} },
+      );
+      bus.push({ type: 'log', ts: nowIso(), stream: 'stderr', line: msg + '\n' });
+      bus.push({ type: 'status', ts: nowIso(), status: 'failed', exitCode: 1 });
+      bus.push({ type: 'done', ts: nowIso(), status: 'failed', exitCode: 1 });
+      bus.close();
+
+      setTimeout(() => {
+        runs.delete(String(runDoc._id));
+      }, 5 * 60 * 1000).unref();
+    }
+  });
+
+  return { runId: String(runDoc._id) };
+}
+
+async function runSpawned({ runId, bus, command, args, env, cwd, timeoutMs }) {
+  return await new Promise((resolve, reject) => {
+    const child = spawn(command, args, {
+      env,
+      cwd,
+      stdio: ['ignore', 'pipe', 'pipe'],
+    });
+
+    let tail = '';
+
+    const killTimer = setTimeout(() => {
+      try {
+        child.kill('SIGKILL');
+      } catch {}
+    }, timeoutMs);
+    killTimer.unref();
+
+    const onData = async (stream, chunk) => {
+      const s = chunk.toString('utf8');
+      tail = appendTail(tail, s);
+      bus.push({ type: 'log', ts: nowIso(), stream, line: s });
+      await ScriptRun.updateOne({ _id: runId }, { $set: { outputTail: tail } });
+    };
+
+    child.stdout.on('data', (c) => onData('stdout', c));
+    child.stderr.on('data', (c) => onData('stderr', c));
+
+    child.on('error', (err) => {
+      clearTimeout(killTimer);
+      reject(err);
+    });
+
+    child.on('close', (code) => {
+      clearTimeout(killTimer);
+      resolve(Number(code || 0));
+    });
+  });
+}
+
+async function runVm2({ runId, bus, code, timeoutMs }) {
+  let tail = '';
+
+  function pushLog(stream, line) {
+    const s = String(line || '');
+    tail = appendTail(tail, s);
+    bus.push({ type: 'log', ts: nowIso(), stream, line: s });
+    return ScriptRun.updateOne({ _id: runId }, { $set: { outputTail: tail } });
+  }
+
+  const vm = new NodeVM({
+    console: 'redirect',
+    sandbox: {},
+    require: {
+      external: false,
+      builtin: [],
+    },
+    timeout: timeoutMs,
+    eval: false,
+    wasm: false,
+  });
+
+  vm.on('console.log', (...args) => {
+    pushLog('stdout', args.map((a) => (typeof a === 'string' ? a : JSON.stringify(a))).join(' ') + '\n');
+  });
+  vm.on('console.error', (...args) => {
+    pushLog('stderr', args.map((a) => (typeof a === 'string' ? a : JSON.stringify(a))).join(' ') + '\n');
+  });
+
+  try {
+    vm.run(code, 'script.vm2.js');
+    return 0;
+  } catch (err) {
+    const msg = err?.message || 'vm2 error';
+    await pushLog('stderr', msg + '\n');
+    return 1;
+  }
+}
+
+module.exports = {
+  startRun,
+  getRunBus,
+  safeJsonParse,
+};

package/src/services/terminals.service.js

@@ -0,0 +1,152 @@
+const crypto = require('crypto');
+const pty = require('node-pty');
+
+const sessions = new Map();
+
+const MAX_SESSIONS = 20;
+const IDLE_TTL_MS = 15 * 60 * 1000;
+
+function now() {
+  return Date.now();
+}
+
+function newId() {
+  return crypto.randomBytes(16).toString('hex');
+}
+
+function listSessions() {
+  return Array.from(sessions.values())
+    .map((s) => ({
+      sessionId: s.sessionId,
+      status: s.status,
+      createdAt: s.createdAt,
+      lastActivityAt: s.lastActivityAt,
+      cols: s.cols,
+      rows: s.rows,
+    }))
+    .sort((a, b) => b.createdAt - a.createdAt);
+}
+
+function getSession(sessionId) {
+  return sessions.get(String(sessionId)) || null;
+}
+
+function createSession(options = {}) {
+  if (sessions.size >= MAX_SESSIONS) {
+    const err = new Error('Too many active terminal sessions');
+    err.code = 'LIMIT';
+    throw err;
+  }
+
+  const cols = Number(options.cols || 120);
+  const rows = Number(options.rows || 30);
+
+  const shell = process.env.SHELL || 'bash';
+
+  const p = pty.spawn(shell, [], {
+    name: 'xterm-256color',
+    cols,
+    rows,
+    cwd: process.cwd(),
+    env: process.env,
+  });
+
+  const sessionId = newId();
+  const s = {
+    sessionId,
+    pty: p,
+    status: 'running',
+    createdAt: now(),
+    lastActivityAt: now(),
+    cols,
+    rows,
+  };
+
+  p.onExit(() => {
+    const cur = sessions.get(sessionId);
+    if (cur) {
+      cur.status = 'closed';
+      cur.lastActivityAt = now();
+    }
+  });
+
+  sessions.set(sessionId, s);
+
+  return { sessionId };
+}
+
+function touch(sessionId) {
+  const s = sessions.get(String(sessionId));
+  if (!s) return;
+  s.lastActivityAt = now();
+}
+
+function resizeSession(sessionId, cols, rows) {
+  const s = getSession(sessionId);
+  if (!s || s.status !== 'running') return;
+  const c = Number(cols || 0);
+  const r = Number(rows || 0);
+  if (!c || !r) return;
+  s.cols = c;
+  s.rows = r;
+  s.lastActivityAt = now();
+  try {
+    s.pty.resize(c, r);
+  } catch {}
+}
+
+function writeSession(sessionId, data) {
+  const s = getSession(sessionId);
+  if (!s || s.status !== 'running') return;
+  s.lastActivityAt = now();
+  try {
+    s.pty.write(String(data || ''));
+  } catch {}
+}
+
+function killSession(sessionId) {
+  const s = getSession(sessionId);
+  if (!s) {
+    const err = new Error('Session not found');
+    err.code = 'NOT_FOUND';
+    throw err;
+  }
+
+  try {
+    s.pty.kill();
+  } catch {}
+
+  sessions.delete(String(sessionId));
+  return { ok: true };
+}
+
+function cleanupIdleSessions() {
+  const cutoff = now() - IDLE_TTL_MS;
+  for (const [id, s] of sessions.entries()) {
+    if (s.lastActivityAt < cutoff) {
+      try {
+        s.pty.kill();
+      } catch {}
+      sessions.delete(id);
+    }
+  }
+}
+
+let cleanupTimer = null;
+function ensureCleanupTimer() {
+  if (cleanupTimer) return;
+  cleanupTimer = setInterval(cleanupIdleSessions, 60 * 1000);
+  cleanupTimer.unref();
+}
+
+ensureCleanupTimer();
+
+module.exports = {
+  createSession,
+  listSessions,
+  getSession,
+  killSession,
+  writeSession,
+  resizeSession,
+  touch,
+};

package/src/services/terminalsWs.service.js

@@ -0,0 +1,100 @@
+const { WebSocketServer } = require('ws');
+const url = require('url');
+
+const { createSession, getSession, writeSession, resizeSession, touch } = require('./terminals.service');
+
+function isBasicAuthValid(req, options) {
+  const authHeader = req.headers['authorization'] || '';
+  if (!String(authHeader).startsWith('Basic ')) return false;
+
+  const decoded = Buffer.from(String(authHeader).slice(6), 'base64').toString('utf-8');
+  const parts = decoded.split(':');
+  const username = parts[0] || '';
+  const password = parts.slice(1).join(':') || '';
+
+  const adminUsername = (options && options.adminUsername) || process.env.ADMIN_USERNAME || 'admin';
+  const adminPassword = (options && options.adminPassword) || process.env.ADMIN_PASSWORD || 'admin';
+
+  return username === adminUsername && password === adminPassword;
+}
+
+function attachTerminalWebsocketServer(server, options = {}) {
+  const wsPath = '/api/admin/terminals/ws';
+
+  const wss = new WebSocketServer({ noServer: true });
+
+  console.log(`[Terminals] WebSocket upgrade path: ${wsPath}`);
+
+  server.on('upgrade', (req, socket, head) => {
+    const parsed = url.parse(req.url, true);
+    if (!parsed || parsed.pathname !== wsPath) return;
+
+    console.log(`[Terminals] WebSocket upgrade request for ${parsed.pathname}`);
+    wss.handleUpgrade(req, socket, head, (ws) => {
+      wss.emit('connection', ws, req, parsed);
+    });
+  });
+
+  wss.on('connection', (ws, req, parsed) => {
+    const q = parsed && parsed.query ? parsed.query : {};
+    let sessionId = q.sessionId ? String(q.sessionId) : null;
+
+    if (!sessionId) {
+      const created = createSession({ cols: 120, rows: 30 });
+      sessionId = created.sessionId;
+      ws.send(JSON.stringify({ type: 'session', sessionId }));
+    }
+
+    const s = getSession(sessionId);
+    if (!s || s.status !== 'running') {
+      ws.send(JSON.stringify({ type: 'error', error: 'Session not found' }));
+      ws.close();
+      return;
+    }
+
+    ws.send(JSON.stringify({ type: 'status', status: 'running', sessionId }));
+
+    const onData = (data) => {
+      try {
+        ws.send(JSON.stringify({ type: 'output', data: String(data || '') }));
+      } catch {}
+    };
+
+    s.pty.onData(onData);
+
+    ws.on('message', (raw) => {
+      touch(sessionId);
+      let msg;
+      try {
+        msg = JSON.parse(String(raw || ''));
+      } catch {
+        return;
+      }
+      if (!msg || typeof msg !== 'object') return;
+
+      if (msg.type === 'input') {
+        writeSession(sessionId, msg.data);
+      }
+
+      if (msg.type === 'resize') {
+        resizeSession(sessionId, msg.cols, msg.rows);
+      }
+    });
+
+    ws.on('close', () => {
+      try {
+        s.pty.offData(onData);
+      } catch {}
+    });
+
+    ws.on('error', () => {
+      try {
+        s.pty.offData(onData);
+      } catch {}
+    });
+  });
+
+  return { wss, wsPath };
+}
+
+module.exports = { attachTerminalWebsocketServer };